/**
DT * 图片信息编辑验证器
 * @author 黄挺
 */
package com.khotyn.heresy.validator;

import java.util.regex.Pattern;

import org.springframework.validation.Errors;
import org.springframework.validation.Validator;

import com.khotyn.heresy.bean.PictureDetail;

public class PictureEditValidator implements Validator {

	public boolean supports(Class clazz) {
		return PictureDetail.class.equals(clazz);
	}

	public void validate(Object obj, Errors errors) {
		PictureDetail pictureDetail = (PictureDetail) obj;

		// 如果图片名字为空
		if (Pattern.matches("^\\s{0,}$", pictureDetail.getName())) {
			errors.rejectValue("name", "pictureDetail_name_empty", "图片名字不能为空");
		}

		// 图片名称过长
		if (pictureDetail.getName().length() > 100) {
			errors.rejectValue("name", "pictureDetail_length_overflow",
					"图片名称过长");
		}

		// 图片名字中包含了SQL关键字
		if (Pattern.matches("select|update|delete|exec|count|'|\"|=|;|>|<|%",
				pictureDetail.getName())) {
			errors.rejectValue("name", "pictureDetail_name_SQLInjection",
					"请不要输入SQL关键字");
		}

		// 输入的描述过长
		if (pictureDetail.getDescription().length() > 1000) {
			errors.rejectValue("description",
					"pictureDetail_description_length_overflow", "您输入的描述长度过长");
		}

		// 描述中包含了SQL关键字
		if (Pattern.matches("select|update|delete|exec|count|'|\"|=|;|>|<|%",
				pictureDetail.getDescription())) {
			errors.rejectValue("description",
					"pictureDetail_description_SQLInjection", "请不要输入SQL关键字");
		}
	}

}
